Thank you for your post!
Could you please check the below
The user is signing in from a location that is not covered by the Conditional Access policy. Make sure that the policy is configured to apply to all locations where the user might sign in from.
Also, verify that you have Enable combined registration in Azure AD
for more information can you please refer the below article
How to Set Up Passwordless Sign-in Using the Microsoft Authenticator App
if the issue is persist, please check sign-in logs for the user to see if any insights can be noticed. The logs might indicate which policy is being applied and why the passwordless method is not triggering.
Do let us know if you any further queries.
Thanks,
Akhilesh
If this answers your query, do click Accept Answer
and Yes
for was this answer helpful. And, if you have any further query do let us know.